Ok, fine, I know – Google’s mantra is “don’t be evil”, and they would never do anything like selling all of your most personal thoughts, hopes, dreams and fears to marketers for financial gain. They became a company with a 379.45 Billion market cap (thanks, google finance) off of pure fucking sunshine, rainbows, and unicorns.

I’m not going to delve into a black hole discussion of ethics in the information age here, cause some things are pretty black and white. Like if you call into a call center and tell them there’s a bomb in the building – that’s just fucked up, and I hope your ass gets caught and spends some time in a cell with a well-endowed man named “Bubba”.

In fact, I’ll be happy to help make that shit a reality by putting a button on an agent’s phone to flag this type of call. Let’s take a look at the config and operation of the “Malicious Call ID” feature.

First, create a new softkey template under Device > Device Settings > Softkey Template:

Screen Shot 2015-03-27 at 7.36.42 PM


If this is your first time creating a new Softkey Template, you’re gonna be all like, “WTF? Where do I actually configure the softkeys?”

Don’t worry, be happy, and look up to your right under related links:

Screen Shot 2015-03-27 at 7.37.01 PM

Then, choose the connected state and stick that MCID where peeps can see it:

Screen Shot 2015-03-27 at 7.37.57 PM

Depending on the phones you’re trying to deploy this to – you may be almost done. A softkey template can be updated directly on lots of 78XX and 79XX phones. A little BAT magic, and you’re there.

Although, more commonly, you’d really want to apply this softkey template to a common device configuration. And if you’re using those fancy new 89XX and 99XX phones, you need to update the feature control policy and common phone profile to make this magic happen:


They call it “Report Caller” on the 89/99XX phones, which is probably a more apt description than “MCID” for an end user. When you actually press the button, it gives you a message stating “Malicious call ID Successful”, so it’s not really a consistent and preferred nomenclature, dude.

I would be remiss if I failed to mention a couple more things here. Once you have this button on your phones, you need some way to know when people press it. There’s a couple options here:

1 – Make sure you have RTMT alerting set up with an appropriate Alert Action for this bad boy!

Email a MOFO

If you do, you’ll be notified of the call details immediately (if not sooner) via electronic mail with something like this:

CalledPartyNumber : 1000
CalledDeviceName : SEP6CFA8902DE4F
CalledDisplayName : Peter Gozinya x1000
CallingPartyNumber : +14042834957
CallingDeviceName : SME_CLUSTER
CallingDisplayName : WIRELESS CALLER
AppID : Cisco CallManager
ClusterID : LeafCluster1
NodeID :
TimeStamp : Sat Mar 28 17:29:19 EDT 2015.
The alarm is generated on Sat Mar 28 17:29:19 EDT 2015.


2 – Would it kill you to run the “Malicious Calls” report every once in a fucking while? No, no it wouldn’t. They put a special report right there under the CDR menu in CAR, which is accessible from Unified Servicability, or just by tacking /car/ to the end of your Pub’s URL. So, if you’re going to use the feature, run this.



I having been getting pressure to blog something, so here it is. I received an email from a project manager for some technical help on one of his current projects. I had a project over a year ago where I installed some 7925 wireless phones and integrated with a nurse call system.

When I first read the email, it was like he was speaking a foreign language. The nurse call vendor was asking the engineer on the project for a dial back string. They were asking me if I knew what that was. I was like no, who can remember that shit? So I went to sleep that night and said to myself, “self look at my emails and notes and see if you can’t un-fuck his shit.”

In the morning with a little clearer mind, I started digging through my notes and email. I found something in the first few emails. I started to write up a response but then I realized it was the wrong answer. I finally remembered what I had to do to get it to work. The engineer had configured the FXS ports as MGCP since that was what the sow stated. I said woa, un-fuck that shit, it has to be H.323 since you need dial-peers to insert a pause in the dial string coming from the wireless phone.

You see the nurse call system was interfaced through FXS ports which then went out to the speaker on the hospital bed. The FXS ports were just the method of connecting over to the nurse call system. Once the call rang on the FXS port the nurse call system would answer the call and expect DTMF tones to tell it the room or bed number. So from the wireless phone the nurse would press a button after receiving a text message as an alert from the bed. That would trigger a phone call from the wireless phone to a number string, 1995000303#, for example. In CUCM I created a route pattern of 1995000!# and routed it to the H.323 gateway, stripping the “#”. The gateway then had a dial-peer which would strip 1995000 and “prefix ,,”. See below for example.

dial-peer voice 1995000 pots
preference 1
destination-pattern 1995000.T
progress_ind setup enable 3
incoming called-number .
port 0/1/0
prefix ,,

So after explaining how digits are stripped by default from destination-patterns unless a no digit strip command is used, I told him to un-fuck his config and make everything h.323 so that he can insert a pause in the middle of a dial string to only forward the room or bed number to the nurse call system.

Sometimes it is good to dust off the old neurons and have to remember shit you don’t use everyday.